Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: SHA1 with long salt - alternatives?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hi,

I have a number of salted SHA1 hashes that i'm trying to crack with oclhashcat. The salt is known to me.

Quote:Hash function: SHA1
Mode: 120 = sha1($salt.$pass)
Salt length = 45 characters
AMD HD 7800

When I run the application it does not find a match even though I know that the dictionary contain the correct passwords. The application does not display an error message about salt:hash lines being to long although it finds matches the salt is shortened.

My first question is whether it is true that the salt:hash line cant be any longer than 55 characters (or around there)? Are there any workarounds?

I understand that you are not looking to increase the length of the salt:hash line any time soon since it will have an adverse effect on the speed in general. My second question is therefore if you have any suggestions on other software or techniques suitable for this task. Im looking for a solution that can utilize the GPU of my computer.

Thanks in advance
/O
it's not the length of hashConfusedalt that matters but salt+password length with is restricted to 55 chars. For longer combinations you can try jtr.
Thank you for your reply.

If the restriction is 55 characters for salt+password then I should be fine. However, oclhashcat does not find any of my passwords with a 45 character long salt.

To make an example, I have the password bubbaloo, of which I have made two hashes. The hashes each have different salts.

This is the hashfile:
  • 9f3a76b19306930a84f530c8a5c26ee3230c7da4:fEPjA41CNVq6qTfxz4E4fFhcY3iMnrvi8CSy6xQ1SBgty
  • 762d62203db3103cc98e9f2b9b2d9930a237802c:12

The password is in my dictionary (it's the only word). Oclhashcat finds only the second password. Any suggestions as to why?
As undeath wrote:
[salt+password length with is restricted to 55 chars]

Seems that your Hash+salt is 85 characters: (too long)
9f3a76b19306930a84f530c8a5c26ee3230c7da4:fEPjA41CNVq6qTfxz4E4fFhcY3iMnrvi8CSy6xQ​1SBgty
there are many restrictions.

one is that pass + salt can not be longer than 55
but there is another one both pass or salt can not be longer than 32
Thank you both for the clarifications.